nixOS: Failed to connect to the YubiKey: connecting to pscs: the Smart card resource manager is not running - Githubissues

FiloSottile / yubikey-agent

yubikey-agent is a seamless ssh-agent for YubiKeys.

https://filippo.io/yubikey-agent

BSD 3-Clause "New" or "Revised" License

2.6k stars 124 forks source link

nixOS: Failed to connect to the YubiKey: connecting to pscs: the Smart card resource manager is not running #137

Open Lownin opened 1 year ago

Lownin commented 1 year ago

Per the README, I've added

services.yubikey-agent.enable = true;

to my /etc/nixos/configuration.nix

I (successfully) rebuilt with sudo nixos-rebuild switch however when attempting yubikey-agent -setup I recieve the error

nixOS: Failed to connect to the YubiKey: connecting to pscs: the Smart card resource manager is not running

I've done some googling but have not seen anything relevant. Other apps work with the yubikey, like fido via firefox, and the YubiKey personalization tool.

I've successfully used the yubikey-agent to set up keys on my Mac after installing with homebrew.

Is some other set up required on nixOS that isn't documented in the README?

Thanks!

supermarin commented 1 year ago

Got to the bottom of it - you'll need to enable services.pcscd.enable = true; in configuration.nix. Since this is a direct dependency, I'll submit a PR to nixpkgs to automatically include transitive dep.

supermarin commented 1 year ago

@Lownin can you please test? https://github.com/NixOS/nixpkgs/pull/215740

Lownin commented 1 year ago

@supermarin adding services.pcscd.enable = true; to my configuration.nix worked. I can now set up keys on nixOS. Thanks!

supermarin commented 1 year ago

@Lownin any chance you could test my PR? (remove the line from your configuration.nix and just use services.yubikey-agent.enable = true)?

Lownin commented 1 year ago

@supermarin happy to help, but not sure how to make sure nixOS pulls in the PR version and not the regular one. How do I do that?

supermarin commented 1 year ago

@Lownin are you using flakes? if so, you can replace inputs.nixpkgs = whatever-you-have-here with inputs.nixpkgs = github:supermarin/nixpkgs/patch-3 and nixos-rebuild switch.

Lownin commented 1 year ago

@supermarin I haven't touched Flakes yet. Just started with nixOS. Working through learning the basics, then will tackle home-manager, then flakes. Is there an unpainful way for me to do it with a monolithic configuration.nix ?

supermarin commented 1 year ago

@Lownin let's take the conversation to NixOS Matrix channel and report here if the issue is resolved in the end, so we don't bloat the issue.

Lownin commented 1 year ago

Sounds good. @Lownin:matrix.org

supermarin commented 1 year ago

@FiloSottile you can close, this is resolved in https://github.com/NixOS/nixpkgs/pull/215740